Common open source software for load balancing: Nginx, LVS, keepalived
Commercial hardware load devices: F5, Netscale
1, LB, LVS Introduction
LB cluster is a shorthand for the load balance cluster, and translation into Chinese is a loading balancing cluster;
LVS is an open source software project that implements load balancing clusters;
The LVS architecture can be logically divided into the scheduling layer (Director), the server cluster layer (Real server) and the shared storage layer.
LVS can be divided into three modes of operation:
NAT (The scheduler changes the requested destination IP, the VIP address to the IP of the real server, and the returned packets go through the scheduler, and the scheduler then modifies the source address to the VIP)
TUN (The scheduler encapsulates the requested packet encryption over the IP tunnel to the back-end real server, and real server returns the data directly to the client, not the scheduler)
DR (The scheduler changes the destination MAC address of the requested packet to the MAC address of the real server and returns to the client without going through the scheduler.)
650) this.width=650; "src="/e/u261/themes/default/images/spacer.gif "style=" Background:url ("/e/u261/lang/zh-cn/ Images/localimage.png ") no-repeat center;border:1px solid #ddd;" alt= "Spacer.gif"/>
LVS Scheduling algorithm: Round call scheduling (Round Robin) (abbreviated RR), weighted round call (Weighted Round Robin) (WRR), least link (least connection) (LC), weighted least link (Weighted least Connections) (WLC), etc.;
2. Lvs/nat Configuration
Preparatory work:
Need to prepare three machines clean centos6.6 system, Director machine need to install two network card;
Three servers one as director, two as real server
Director has an external network ip:192.168.22.11 and an intranet ip:192.168.11.11
Two real servers only have intranet IP: 192.168.11.100 and 192.168.11.101, and need set
Device=eth1 type=ethernetonboot=yesbootproto=staticipaddr=192.168.11.100gateway=192.168.11.11
After changing the gateway needs to restart the network card, first down and up, in a command implementation; If Ifdown, SSH will be interrupted;
# ifdown eth1 && ifup eth1
Director install Ipvsadm:#yum install-y ipvsadm
Two real servers install Nginx and need to install the Epel extension source first.
Yum Install-y epel-release
Yum install-y Nginx
When the installation is complete, start the Nginx:/etc/init.d/nginx start
Change the hostname of three servers to Dr, Rs1, Rs2
DIRECOTR on vi/usr/local/sbin/lvs_nat.sh//Add the following:
#! /bin/bashecho 1 >/proc/sys/net/ipv4/ip_forwardecho 0 >/proc/sys/net/ipv4/conf/all/send_redirectsecho 0 >/ Proc/sys/net/ipv4/conf/default/send_redirectsecho 0 >/proc/sys/net/ipv4/conf/eth0/send_redirectsecho 0 >/ Proc/sys/net/ipv4/conf/eth1/send_redirectsiptables-t nat-fiptables-t nat-xiptables-t nat-a postrouting-s 192.168.11 .0/24-j masqueradeipvsadm= '/sbin/ipvsadm ' $IPVSADM-c$ipvsadm-a-t 192.168.22.11:80-s wlc$ipvsadm-a-T 192.168.22.11:8 0-r 192.168.11.100:80-m-W 2$ipvsadm-a-T 192.168.22.11:80-r 192.168.11.101:80-m-W 1
Run this script directly to complete the Lvs/nat configuration:
/bin/bash/usr/local/sbin/lvs_nat.sh
Dr View Nat's Iptables
[[email protected] ~]# iptables-t nat-nvlchain postrouting (Policy ACCEPT 1 packets, 124 bytes) pkts bytes Target PR OT opt in Out source destination 0 0 Masquerade All--* * 192.168.11.0 /24 0.0.0.0/0
IPVSADM-LN View rules for Ipvsadm
Browser Open 192.168.11.100, 192.168.11.101 display Nginx Welcome page
650) this.width=650; "src="/e/u261/themes/default/images/spacer.gif "style=" Background:url ("/e/u261/lang/zh-cn/ Images/localimage.png ") no-repeat center;border:1px solid #ddd;" alt= "Spacer.gif"/>650 "this.width=650;" src= "http ://s3.51cto.com/wyfs02/m02/6e/22/wkiol1v1b5scgg6raalq60a_4kg748.jpg "title=" nginx.jpg "alt=" Wkiol1v1b5scgg6raalq60a_4kg748.jpg "/>
Modify the HTML file on rs1 and rs2 to distinguish;
[Email protected] ~]# cat/usr/share/nginx/html/index.html rs1rs1rs1[[email protected] ~]# cat/usr/share/nginx/html/ Index.html rs2rs2rs2
Test the contents of two machines through a browser
Browser Open 192.168.22.11, will display the HTML content of rs1 or rs2;
Change the polling rule for WLC, with a weight of 2, to test
650) this.width=650; "src="/e/u261/themes/default/images/spacer.gif "style=" Background:url ("/e/u261/lang/zh-cn/ Images/localimage.png ") no-repeat center;border:1px solid #ddd;" alt= "Spacer.gif"/>650 "this.width=650;" src= "http ://s3.51cto.com/wyfs02/m01/6e/22/wkiol1v1chsizvu2aadw4ntqigk933.jpg "title=" qq20150607192355.jpg "alt=" Wkiol1v1chsizvu2aadw4ntqigk933.jpg "/>
With another Linux machine Curl test, appear 2 times 1, 1 times 2, switch back and forth instructions OK;
[[email protected] ~]# Curl 192.168.22.11rs1rs1rs1[[email protected] ~]# Curl 192.168.22.11rs1rs1rs1[[email protected] ~ ]# Curl 192.168.22.11rs2rs2rs2
On the Dr Machine Ipvsadm-ln can be viewed, weight ratio, keep the link than the approximate;
Remoteaddress:port Forward Weight activeconn inactconntcp 192.168.22.11:80 WLC--192.168.11.100:80 MASQ 2 0-192.168.11.101:80 masq 1 0 13
3. LVS/DR Configuration
In Dr Mode, the Director is only responsible for distributing, only incoming traffic, the throughput will be very large; Real server provides data directly to the user, the security will be reduced;
The machine in the DR needs to configure the public IP, the virtual IP each machine needs to be configured, the user requests the virtual IP when the request, returns the time to poll the RS to provide;
Three machines, each machine only need to configure 1 IP,VIP is executed with a script will appear, not manually set;
Director (eth1:192.168.11.11 VIP eth1:0 192.168.11.110)
Real Server1 (eth1:192.168.11.100 vip lo:0: 192.168.11.110)
Real Server1 (eth1:192.168.11.101 vip lo:0: 192.168.11.110)
Director on vim/usr/local/sbin/lvs_dr.sh //Add the following content
#! /bin/bashecho 1 >/proc/sys/net/ipv4/ip_forwardipv=/sbin/ipvsadmvip=192.168.11.110rs1=192.168.11.100rs2= 192.168.11.101ifconfig eth1:0 $VIP broadcast $vip netmask 255.255.255.255 uproute add-host $vip Dev eth1:0$ipv-c$ipv-a -T $VIP: 80-s rr$ipv-a-T $vip: 80-r $rs 1:80-g-W 1$ipv-a-t $vip: 80-r $rs 2:80-g-W 1
Two RS on:vim/usr/local/sbin/lvs_dr_rs.sh
#! /bin/bashvip=192.168.11.110ifconfig lo:0 $VIP broadcast $vip netmask 255.255.255.255 uproute add-host $vip lo:0echo "1" & Gt;/proc/sys/net/ipv4/conf/lo/arp_ignoreecho "2" >/proc/sys/net/ipv4/conf/lo/arp_announceecho "1" >/proc/sys /net/ipv4/conf/all/arp_ignoreecho "2" >/proc/sys/net/ipv4/conf/all/arp_announce
Then the director executes: bash/usr/local/sbin/lvs_dr.sh
Performed on two rs: bash/usr/local/sbin/lvs_dr_rs.sh
After execution, ifconfig can display the virtual IP address, the DR Display Eth1:0,rs1, RS2 display lo:0;
eth1:0 link encap:ethernet hwaddr 00:0c:29:70:4e:58 inet addr :192.168.11.110 bcast:192.168.11.110 mask:255.255.255.255 UP BROADCAST RUNNING MULTICAST MTU:1500 metric:1 interrupt:18 base address:0x2080 lo:0 link encap:local loopback inet addr:192.168.11.110 Mask:255.255.255.255 up loopback running mtu:65536 metric:1
IPVSADM-LN List Rules
[Email protected] ~]# Ipvsadm-lnip Virtual Server version 1.2.1 (size=4096) Prot localaddress:port Scheduler Flags-- Remoteaddress:port Forward Weight activeconn inactconntcp 192.168.11.110:80 rr--192.168.11.100:80 Route 1 0 3-192.168.11.101:80 Route 1 0 3
Start a single Linux machine for testing, browser testing is not obvious cache;
Curl 192.168.11.110 test, each occurrence 1 times the RR polling rule OK;
[[email protected] ~]# Curl 192.168.11.110rs1rs1rs1[[email protected] ~]# Curl 192.168.11.110rs2rs2rs2[[email protected ] ~]# Curl 192.168.11.110rs1rs1rs1[[email protected] ~]# Curl 192.168.11.110rs2rs2rs2
Change the polling algorithm to WRR, the weight is 2, and then execute the file, the error hint file already exists , because the /usr/local/sbin/lvs_dr.sh script file is already up eth1:0, So need to add in the script: Ifconfig eth1:0 down, then will not error;
$IPV-A-t $VIP: 80-s wrr$ipv-a-T $vip: 80-r $rs 1:80-g-W 2$ipv-a-t $vip: 80-r $rs 2:80-g-W 1
[[email protected] ~]# BASH/USR/LOCAL/SBIN/LVS_DR.SHSIOCADDRT: File already exists
If one of the RS is hung, it will still poll for access, so it will be open for a while.
Analog, RS2 stops Nginx:/etc/init.d/nginx stop
With Curl test, the request will still be sent to RS2, but it has been prompted not to connect to the host;
[[email protected] ~]# Curl 192.168.11.110rs1rs1rs1[[email protected] ~]# Curl 192.168.11.110rs1rs1rs1[[email protected ] ~]# Curl 192.168.11.110curl: (7) couldn ' t connect to host
LVS itself will not eliminate the dead real server, so need to combine keeplived;
This article is from the "Model Student's Learning blog" blog, please be sure to keep this source http://8802265.blog.51cto.com/8792265/1659585
Linux under LVs to build load Balancer cluster